Lucene search
K

14 matches found

EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15639

Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Authors: from n/a through = 4.10.1...

5.8AI score0.00287EPSS
Exploits0References2
NVD
NVD
added 2026/03/10 6:17 p.m.4 views

CVE-2025-27769

A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station All versions F4.11.1, Heliox Mobile DC 40 kW EV Charging Station All versions L4.10.1. Affected devices contain improper access control that could allow an attacker to reach unauthorized services via the charging cable...

2.6CVSS0.00141EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 8:26 a.m.3 views

CVE-2026-25330 WordPress PublishPress Authors plugin <= 4.10.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Authors: from n/a through = 4.10.1...

5.5AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.32 views

CVE-2026-25330 WordPress PublishPress Authors plugin <= 4.10.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Authors: from n/a through = 4.10.1...

4.3CVSS0.00185EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 6:6 p.m.5 views

EUVD-2026-5207

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Categories Name &...

6.2CVSS5.4AI score0.00261EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003208 advisory. net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users ...

7.1CVSS6.5AI score0.01162EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003070)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003070 advisory. net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users ...

7.1CVSS6.5AI score0.01162EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/15 12:30 a.m.5 views

EUVD-2025-203313

A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authentication/. This manipulation causes open redirect. It is possible to initiate the attack remotely. The exploit has been published and may be used. Upgrading to version 4.10.2 is...

5.3CVSS6.1AI score0.00401EPSS
Exploits1References7
OSV
OSV
added 2025/12/14 11:15 p.m.8 views

PYSEC-2025-134

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...

6.1CVSS4.2AI score0.00392EPSS
Exploits1References7
PyPA
PyPA
added 2025/12/14 11:15 p.m.13 views

PYSEC-2025-134

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...

6.1CVSS4.2AI score0.00392EPSS
Exploits1References7Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.5 views

CVE-2023-26114

Versions of the package code-server before 4.10.1 are vulnerable to Missing Origin Validation in WebSockets handshakes. Exploiting this vulnerability can allow an adversary in specific scenarios to access data from and connect to the code-server instance...

9.3CVSS6.9AI score0.0034EPSS
Exploits0References1
OSV
OSV
added 2023/12/29 1:15 p.m.5 views

CVE-2023-50878

Cross-Site Request Forgery CSRF vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1...

8.8CVSS7.3AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.6 views

Coder Code-Server 访问控制错误漏洞

Coder Code-Server is a U.S. Coder company based on Microsoft's open source Visual Studio Code development products. It is used to build a convenient and unified development environment for developers. A security vulnerability exists in Coder Code-Server versions prior to 4.10.1 that stems from...

9.3CVSS8.3AI score0.0034EPSS
Exploits0References4
OSV
OSV
added 2020/04/16 7:15 p.m.3 views

CVE-2020-7484

VERSION NOT SUPPORTED WHEN ASSIGNED A vulnerability with the former 'password' feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediate...

7.5CVSS7.1AI score0.013EPSS
Exploits0References2
Rows per page
Query Builder